DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

TX: 14,000 Midland ISD students risk identity theft because of sloppy security

Posted on February 4, 2014 by Dissent

From the oh-FFS-dept.:

AP reports:

The identity information of 14,000 past and present Midland Independent School District students has been compromised by a computer theft.

Midland school Superintendent Ryder Warren says a laptop computer and external hard drive containing the information was stolen from the back of a district administrator’s car on Jan. 23. He says the information includes birthdates and Social Security numbers of all current students from seventh grade through high school seniors, along with graduates dating to the class of 2008.

Read more on NBCDFW.

In a February 3rd media notice linked from the district’s homepage as “Unauthorized Information Release Announcement,” Superintendent Warren writes:

 Please be aware that Midland ISD is notifying parents and guardians of an unauthorized information release of selected current and former students’ information.

A computer theft caused the information breach, and MISD is working with the Midland Police Department following the incident.

Current and former MISD students’ Social Security numbers and dates of birth could potentially be used fraudulently. MISD encourages students and/or families to place a fraud alert on their credit lines and to contact at least one of the three major credit bureaus (Equifax, Experian, or TransUnion Corp.). Please see the attached letter for more information. 

As the superintendent of schools, I deeply apologize for any inconveniences that may result from the theft. We are reviewing (and if needed – changing) all district-wide safety measures to help further ensure the security of confidential information in the future. MISD prioritizes the privacy and safety of students and families.

The January 31st notice to parents begins:

To current and former MISD parents or guardians,

This letter is being sent to you as a formal notice that personal information relating to your student, and maintained in a database by Midland ISD, may have been compromised by a recent theft. This notice constitutes the disclosure required under Section 521.053 of the Texas Business & Commerce Code.

On January 23, 2014, MISD was informed that a computer and an external hard drive which contained sensitive personal identifying information was stolen. A police report was immediately filed. MISD believes your student’s name, Social Security number and date of birth may have been contained within the files on the external hard drive.

At this time, MISD has no knowledge that your student’s name or personal identifying information has been accessed or misappropriated.

As part of the report to the Midland Police Department, we reported all of the names of those who could be affected. Your student’s name was included in this group reporting process. By reporting as a group, individually submitted police reports are not necessary.

Possible use of your student’s personal identifying information by unauthorized individuals may result in financial loss to your student. Please refer to the following web sites for helpful information:

[…]

Read more of the notices here (pdf).

Neither of those notices happens to mention that the theft occurred from a district administrator’s car. Nor is there any mention of any disciplinary action taken against the administrator who left the devices in a vehicle. Was the administrator violating any established policy or was there no policy in place that says, “Hey, dummy, don’t leave PII lying around?”

Yes, I’m irked. This is really inexcusable that 14,000 students and their families now have to worry about identity theft because of slack practices by a district administrator.

Category: Commentaries and AnalysesEducation SectorOf NoteTheftU.S.

Post navigation

← FL: Former Mount Sinai Medical Center Temporary Employee Sentenced In Identity Theft Tax Refund Scheme Involving The Theft Of Patient Information
Target Accelerates Implementation of Chip-Enabled Smart Card Technology to Protect Consumers from Fraud →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ConnectWise suspects cyberattack affecting some ScreenConnect customers was state-sponsored
  • Possible ransomware attack disrupts Maine and New Hampshire Covenant Health locations
  • HHS OCR Settles HIPAA Security Rule Investigation of BayCare Health System for $800k and Corrective Action Plan
  • UK: Two NHS trusts hit by cyberattack that exploited Ivanti flaw
  • Update: ALN Medical Management’s Data Breach Total Soars to More than 1.8 Million Patients Affected
  • Russian-linked hackers target UK Defense Ministry while posing as journalists
  • Banks Want SEC to Rescind Cyberattack Disclosure Requirements
  • MathWorks, Creator of MATLAB, Confirms Ransomware Attack
  • Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
  • MSCS board renews contract with PowerSchool while suing them

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Home Pregnancy Test Company Wins Dismissal of Pixel Wiretapping Suit
  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.